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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 

application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
1 1/1 1/2008 has been entered. 

Response to Arguments 

2. Applicant's arguments, filed on 1 1/1 1/2008 with respect to claims 1-9 and 13-20 
in the remarks, have been considered but are moot in view of the new ground(s) of 

rejection necessitated by the new limitations added to claims. See the rejection below of 
claims 1-9 and 13-20 for relevant citations found in Deshpande and Barriga-Caceres 
disclosing the newly added limitations. 

Claim Rejections - 35 USC S 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented 
and the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of the claims under 35 
U.S.C. 1 03(a), the examiner presumes that the subject matter of the various claims was commonly owned at the time 
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any inventions covered tlierein were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was not commonly owned at the 
time a later invention was made in order for the examiner to consider the applicability of 35 U.S.C. 103(c) and 
potential 35 U.S.C. 102(e), (f)or (g) prior art under 35 U.S.C. 103(a). 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 USPQ 459 (1966), that are applied for establishing a 
background for determining obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness or nonobviousness. 

Claims 1-9 and 13-20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Deshpande et al. (U.S 20020176579 A1), (hereinafter Deshpande) in view of 
Barriga-Caceres et a!., (US 20030163733), (hereinafter Barriga). 

Regarding claims 1, 7 and 13, Deshpande discloses a network access 
system/program comprising: 

a network access hub (= hotspot access point 20 or 30, see Fig. 1) 
communicatively coupled to a global communications network (= hotspot service 
provider network; and any other connected networks such as internet, see [0019]) and 
the network access hub (= access point 20 or 30) communicatively connectable to a 
computing device (= mobile wireless device 40, see [0020] and Fig. 1) the network 
access hub operable to receive an initial set of credentials from a user via the 
computing device (= user is required to provide identification such as user name, 
password or IMSI, see [0025-26]); 

an authentication engine (= user is authorized via authentication server 50 for 
access to the hotspot service provider's services, see [0025]) communicatively coupled 
to the network access hub via and the global communications network; and 
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authentication engine operable to receive the initial set of credentials of the user from 
the network access hub and operable to authenticate the initial set of credentials and an 
authorization engine (= user is authorized via authentication server 50 for access to the 
hotspot service provider's services, see [0025]),operable to issue the computing device 
a grant of access rights (= access privileges, see [0022]) to both transport service 
(= user may registers with access point; and makes high bandwidth connection to 
internet, see [0020-21]) and federated data services of federated data service providers 
(= user may accept e-mail and other services once authorized; and authorization with 
another access point will not require the user to supply identification and/or 
authentication information for access to services, see [0022, 0025 and 0034]) via the 
global communications network and the network access hub in response to the 
authentication of the initial set of credentials (= user is authorized via authentication 
server 50 for access to the hotspot service provider's services, see [0025]), authorize 
access of the user to both the transport services and the federated data services of the 
federated data service without the user having to provide the initial set of credentials to 
re- authenticate with the federated service providers (= authorization with another 
access point will not require the user to supply identification and/or authentication 
information for access to services, see [0025 and 0034]; wherein the user connection to 
the access point and internet, is being associated with "transport service"; and the 
user's authorization to access hotspot service provider's services via another access 
point without the supply of user identification, is being associated with the "federated 
service"). 
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Although Deshpande mentions access privileges upon authorization; and the 
user's authorization to access hotspot service provider's services via another access 
point without the supply of user identification (see [0022 and 0025]), Deshpande 
explicitly fails to mention " third party federated data service providers" and a "token". 

Barriga, which is an analogous art, mentions a system that Includes Federation 
of Service Providers; a Single Sign-on Services (SSO) for subscribers of Federation of 
Mobile Network Operator; users having the advantage of the SSO service can access 
any service at any Service Provider (SP) within the reference model agreement; the 
Mobile Network Operators (MNO) may obtain revenues by offering SSO services, In 
particular authentication and authorization, to third parties; and authentication and 
authorization via AAA server 44 (see [0003, 0010-1 1 , 0017 0022-25, 0044 and 0100- 
0101]). Barriga also teaches digital certificates, token, cookies and artifact that include 
user authentication Identity (see, [0007, 0020, 0066-70, 0103 and 0106-108]; whereby 
the digital certificates, token, cookies and artifact are an example of the "token"). 

It would therefore have been obvious to one of the ordinary skill in the art to 
combine the teaching of Barriga with the system of Deshpande for the benefit of 
achieving a federated single sign-on network (see Barriga, [0025]). 

Regarding claim 2, as recited in claim 1, Deshpande further discloses that the system 
further comprising a short-range wireless transceiver associated with the first network 
access hub (see, [0002 and 0020]). 
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Regarding claim 3, as recited in claim 2, Deshpande further discloses the system, 
wherein the transport services comprise wireless communication via a wireless local 
area network technology link (see, [0021]). 

Regarding claim 4, as recited in claim 3, Deshpande further discloses the system, 
wherein the data services comprise a service that provides personalized information 
based on an identity of the user (see, [0025-26]). 

Regarding claim 5, as recited in claim 4, Deshpande discloses the system, wherein the 
federated data services (= upon authentication, handshaking with another access point 
will not require the user to supply identification and/or authentication information for 
access to services, see [0019, 0025 and 0034]); but fails to mention that the federated 
system includes first federated data service provided by a first third party federated 
service provider, and a second third oartv federated data service provided by a second 
federated service provider. 

However, Barriga, which is an analogous art, mentions the federated system 
includes first federated data service provided by a first third party federated service 
provider, and a second third party federated data service provided by a second 
federated service provider (= system that includes Federation of Service Providers; a 
Single Sign-on Services (SSO) for subscribers of Federation of Mobile Network 
Operator; users having the advantage of the SSO service can access any service at 
any Service Provider (SP) within the reference model agreement; the Mobile Network 



Application/Control Number: 10/669,122 Page 7 

Art Unit: 2617 

Operators (MNO) may obtain revenues by offering SSO services, in particular 
authentication and authorization, to third parties; and authentication and authorization 
via AAA server 44 (see [0003, 0010-11, 0017, 0022-25, 0044 and 0100-0101]). 

It would therefore have been obvious to one of the ordinary skill in the art to 
combine the teaching of Barrlga with the system of Deshpande for the benefit of 
achieving a federated single sign-on network (see Barriga, [0025]). 

Regarding claim 6, as recited in claim 5, Deshpande explicitly fails to disclose that the 
system, further comprising "a federation engine operable to maintain information that 
indicates members of a service provider federation, the service provider federation 
comprising the first third party federated service provider and the second third party 
federated service provider". 

However, Barriga teaches "a federation engine operable to maintain information 
that indicates members of a service provider federation, the service provider federation 
comprising the first third party federated service provider and the second third party 
federated service provider" (see, [0009-11, 0019, 0022-25, 0028, 0044 and 0066-70]). 

It would therefore have been obvious to one of the ordinary skill In the art to 
combine the teaching of Barriga with the system of Deshpande for the benefit of 
achieving a federated single sign-on network (see Barriga, [0025]). 

Regarding claim 8, as recited in claim 7, Deshpande discloses that the method further 
comprising: receiving a request for access to the federated network data service from 
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an electronic device (see, [0025 and 0034]); prompting the electronic device to send the 
first set of credentials (= PIN, password) (see, [0020 and 0025]). 

Regarding claim 9, as recited in claim 8, Deshpande discloses that the method further 

comprising: receiving a subsequent request for access to a second federated network 
data service of a second federated data service provider from the electronic device; and 
authorizing access to the second federated network data service of the second 
federated data service provider in response to the subsequent request without the user 
having to provide the initial set of credentials to re-authenticate with the second 
federated service provider (= upon authentication and authorization, handshaking with 
another access point will not require the user to supply identification and/or 
authentication information for access to services, see [0019, 0025 and 0034]); but fails 
to mention "requesting that the electronic device cache the token and recognizing an 
existence of the token at the electronic device" and " third party federated data service 
providers". 

Barriga, which is an analogous art, mentions a system that includes Federation 
of Service Providers; a Single Sign-on Services (SSO) for subscribers of Federation of 
Mobile Network Operator; users having the advantage of the SSO service can access 
any service at any Service Provider (SP) within the reference model agreement; the 
Mobile Network Operators (MNO) may obtain revenues by offering SSO services, in 
particular authentication and authorization, to third parties; and authentication and 
authorization via AAA server 44 (see [0003, 0010-1 1 , 0017 0022-25, 0044 and 0100- 
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0101]). Barriga also teaches digital certificates, token, cookies and artifact that include 
user authentication identity (see, [0007, 0020, 0066-70, 0103 and 0106-108]; whereby 
the digital certificates, token, cookies and artifact are an example of the "token"). 

It would therefore have been obvious to one of the ordinary skill in the art to 
combine the teaching of Barriga with the system of Deshpande for the benefit of 
achieving a federated single sign-on network (see Barriga, [0025]). 

Regarding claim 14, as recited in claim 13, Deshpande mentions access privileges 
upon authorization (see [0022]), however, Deshpande explicitly fails to mention the 
system wherein the electronic device includes a cache operable to store the token. 

Barriga, which is an analogous art, mentions a system that includes Single Sign- 
on Services (SSO) for subscribers of Federation of Mobile Network Operator and 
authentication and authorization via AAA server 44 (see [0003, 0010-1 1, 0017 0022-25 
0044 and 0100-0101]). Barriga also teaches digital certificates, token and artifact (see, 
[0007, 0020, 0066-70 and 0106-08]). 

It would therefore have been obvious to one of the ordinary skill in the art to 
combine the teaching of Barriga with the system of Deshpande for the benefit of 
achieving a federated single sign-on network (see Barriga, [0025]). 

Regarding claim 15, as recited in claim 13, Deshpande discloses access rights to both 
transport services and data services at a second hotspot of the plurality of hotspots 



Application/Control Number: 10/669,122 Page 10 

Art Unit: 2617 

(= access privileges, see Pars. [0022, 0025, 0034, 0037 and 042-43]); but fails to 
mention a token. 

Barriga, which is an analogous art, mentions a system that includes Single Sign- 
on Services (SSO) for subscribers of Federation of Mobile Network Operator and 
authentication and authorization via AAA server 44 (see [0003, 001 0-11, 0017 0022-25 
0044 and 0100-0101]). Barriga also teaches digital certificates, token and artifact (see, 
[0007, 0020, 0066-70 and 0106-08]). 

It would therefore have been obvious to one of the ordinary skill in the art to 
combine the teaching of Barriga with the system of Deshpande for the benefit of 
achieving a federated single sign-on network (see Barriga, [0025]). 

Regarding claim 16, as recited in claim 13, Deshpande discloses that the system, 

further comprising: an authentication engine communicatively coupled to the broad 
communications network and operable to receive an initial set of credentials from a 
user, the authentication engine (= authorization and authentication, see [0019 and 
0024-25]) further operable to compare the initial set of credentials against a maintained 
set of credentials and to output a valid signal indicating that the user is a valid user 
(see , [0022, 0024-25 and 0034]); but fails to mention and a "federation engine operable 
to initiate a sharing of information associated with the valid user with a first third partv 
federated data service provider". 
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However, Barriga teaches "federation engine operable to initiate a sharing of 
information associated with the valid user with a first third party federated data service 
provider" (see Pars. 0009-1 1, 0022-25, 00280047-48 and 0066-70). 

It would therefore have been obvious to one of the ordinary skill in the art to 
combine the teaching of Barriga with the system of Deshpande for the benefit of 
achieving a federated single sign-on network (see Barriga, Par. 0025). 

Regarding claim 17, as recited in claim 13, Deshpande discloses that the system, 
further comprising: 

an authentication engine communicatively coupled to the broad communications 
network and operable to output a valid signal indicating that a user requesting access is 
a valid user and entitled to transport and data service access (see, [0019, 0025, 0034 
and 0037]); but fails to teach "a federation engine operable to initiate a sharing of at 
least a portion of a valid user information with a first third party federated data service 
provider, the valid user information to facilitate access to a federated data service 
without additional sign on operations by the user requesting access". 

However, Barriga teaches "a federation engine operable to initiate a sharing of 
at least a portion of a valid user information with a first third party federated data service 
provider, the valid user information to facilitate access to a federated data service 
without additional sign on operations by the user requesting access" (see, [0009-1 1 , 
0022-25, 00280047-48 and 0066-70]). 
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It would therefore have been obvious to one of the ordinary skill in the art to 
combine the teaching of Barriga with the system of Deshpande for the benefit of 
achieving a federated single sign-on network (see Barriga, [0025]). 

Regarding claim 18, as recited in claim 13, Deshpande discloses the system, wherein 
the data service comprises a unified messaging mailbox (see, [0019 and 0041]). 

Regarding claim 19, as recited in claim 13, Deshpande discloses the system, wherein 
the transport service comprises access to the broad communication network via at 
least the first hotspot of the plurality of hotspots (see, [0019, 0025 and 0034] and Fig. 
2). 

Regarding claim 20, as recited in claim 19, Deshpande discloses that the system, 
further comprising: 

an authentication engine communicatively coupled to the broad communications 
network and operable to output a valid signal indicating that a user requesting access is 
a valid user and entitled to transport and data service access (0037); but fails to teach 
"a federation engine operable to initiate a sharing of at least a portion of valid user 
information with a first third party federated data service provider, the valid user 
information operable to facilitate access to a federated data service without additional 
sign on operations by the user requesting access". 
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However, Barriga teaches "a federation engine operable to initiate a sharing of 
at least a portion of valid user information with a first third party federated data service 
provider, the valid user information operable to facilitate access to a federated data 
service without additional sign on operations by the user requesting access" (= single 
sign-on and federation, see Pars. 0009-1 1 , 0022-25, 00280047-48 and 0066-70). 

It would therefore have been obvious to one of the ordinary skill in the art to 
combine the teaching of Barriga with the system of Deshpande for the benefit of 
achieving a federated single sign-on network (see Barriga, Par. 0025). 

CONCLUSION 

Examiner's Note: Examiner has cited particular columns and line numbers in the 
references applied to the claims above for the convenience of the applicant. Although 
the specified citations are representative of the teachings of the art and are applied to 
specific limitations within the individual claim, other passages and figures may apply as 
well. It is respectfully requested from the applicant in preparing responses, to fully 
consider the references in entirety as potentially teaching all or part of the claimed 
invention, as well as the context of the passage as taught by the prior art or disclosed 
by the Examiner. SEE MPEP 2141 .02 [R-5] VI. PRIOR ART MUST BE 
CONSIDERED IN ITS ENTIRETY, INCLUDING DISCLOSURES THAT TEACH AWAY 
FROM THE CLAIMS: A prior art reference must be considered in its entirety, i.e.. as a 
whole, including portions that would lead away from the claimed invention. W.L. Gore & 
Associates, Inc. v. Garlock, Inc., 721 F.2d 1540, 220 USPQ 303 (Fed. Cir. 1983), cert. 
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denied, 469 U.S. 851 (1984) In re Fulton, 391 F.3d 1195, 1201, 73 USPQ2d 1141, 1146 
(Fed. Cir. 2004). >See also MPEP §2123. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kwasi Karikari whose telephone number is 571-272- 
8566. The examiner can normally be reached on M-T (9am - 7pm). 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Charles Appiah can be reached on 571-272-7904. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8566. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (BBC) at 866-217-9197 (toll-free). 

/Kwasi Karikari/ 

Patent Examiner: Art Unit 2617. 



/Charles N. Appiah/ 

Supervisory Patent Examiner, Art Unit 2617 



